article

An efficient remote user authentication and key agreement protocol for mobile client-server environment from pairings

Author:

Debiao HeAuthors Info & Claims

Ad Hoc Networks, Volume 10, Issue 6

Pages 1009 - 1016

https://doi.org/10.1016/j.adhoc.2012.01.002

Published: 01 August 2012 Publication History

Abstract

With the continue evaluation of mobile devices in terms of the capabilities and services, security concerns increase dramatically. To provide secured communication in mobile client-server environment, many user authentication protocols from pairings have been proposed. In 2009, Goriparthi et al. proposed a new user authentication scheme for mobile client-server environment. In 2010, Wu et al. demonstrated that Goriparthi et al.'s protocol fails to provide mutual authentication and key agreement between the client and the server. To improve security, Wu et al. proposed an improved protocol and demonstrated that their protocol is provably secure in random oracle model. Based on Wu et al.'s work, Yoon et al. proposed another scheme to improve performance. However, their scheme just reduces one hash function operation at the both of client side and the server side. In this paper, we present a new user authentication and key agreement protocol using bilinear pairings for mobile client-server environment. Performance analysis shows that our protocol has better performance than Wu et al.'s protocol and Yoon et al.'s protocol. Then our protocol is more suited for mobile client-server environment. Security analysis is also given to demonstrate that our proposed protocol is provably secure against previous attacks.

References

[1]

ElGamal, T., A public key cryptosystem and a signature protocol based on discrete logarithms. IEEE Trans. Inf. v31. 469-472.

[2]

Rivest, R.L., Shamir, A. and Adleman, L., A method for obtaining digital signatures and public key cryptosystems. Commun. ACM. v21 i2. 120-126.

[3]

V.S. Miller, Use of elliptic curves in cryptography, in: Proceedings of the Advances in Cryptology - CRYPTO'85, New York, USA, 1985, pp. 417-426.

[4]

Koblitz, N., Elliptic curve cryptosystem. Math. Computat. v48. 203-209.

[5]

A. Shamir, Identity-based cryptosystems and signature protocols, in: Proceedings of the Advances in Cryptology - Crypto'84, Santa Barbara, USA, 1984, pp. 47-53.

[6]

Boneh, D. and Franklin, M., Identity-based encryption from the Weil pairing. SIAM J. Comput. v32 i3. 586-615.

[7]

Das, M.L., Saxena, A., Gulati, V.P. and Phatak, D.B., A novel remote client authentication protocol using bilinear pairings. Comput. Security. v25 i3. 184-189.

[8]

T. Goriparthi, M.L. Das, A. Negi, A. Saxena, Cryptanalysis of recently proposed remote client authentication protocols. <http://eprint.iacr.org/2006/028>.

[9]

G. Fang, G. Huang, Improvement of recently proposed remote client authentication protocols. <http://eprint.iacr.org/2006/200>.

[10]

D. Giri, P.D. Srivastava, An improved remote client authentication protocol with smart cards using bilinear pairings. <http://eprint.iacr.org/2006/274>.

[11]

Tseng, Y.M., Wu, T.Y. and Wu, J.D., A pairing-based client authentication protocol for wireless clients with smart cards. Informatica. v19 i2. 285-302.

[12]

Goriparthi, T., Das, M.L. and Saxena, A., An improved bilinear pairing based remote client authentication protocol. Comput. Stand. Interface. v31 i1. 181-185.

[13]

An efficient client authentication and key agreement protocol for mobile client-server environment. Comput. Networks. v54. 1520-1530.

[14]

E.-J. Yoon, K.-Y. Yoo, A new efficient ID-based user authentication and key exchange protocol for mobile client-server environment, in: 2010 IEEE International Conference on Information Technology and Systems (ICWITS).

[15]

Mitsunari, S., Sakai, R. and Kasahara, M., A new traitor tracing. IEICE Trans. vE85-A i2. 481-484.

[16]

Schnorr, C.P., Efficient signature generation by smart cards. J. Cryptol. v4 i3. 161-174.

[17]

D. He, J. Chen, J. Hu, An ID-based client authentication with key agreement protocol for mobile client-server environment on ECC with provable security, Inf. Fusion.

[18]

M. Jakobsson, D. Pointcheval, Mutual authentication and key agreement protocol for low power devices, in: Proceedings of the 5th International Conference on Financial Cryptography, 2001, pp. 178-195.

[19]

M. Bellare, D. Pointcheval, P. Rogaway, Authenticated key agreement secure against dictionary attacks, in: Proceedings of the Advances in Cryptology - EUROCRYPT 2000, LNCS, vol. 1807, Springer-Verlag, 2000, pp. 139-155.

[20]

D. Hankerson1, J. Hernandez, A. Menezes, Software Implementation of Elliptic Curve Cryptography over Binary Fields, CHES 2000, LNCS 1965, 2000, pp. 1-24.

Digital Library

[21]

M. Scott, Computing the Tate pairing, in: Proceedings of the Cryptology - CT-RSA 2005, LNCS, vol. 3376, Springer-Verlag, 2005, pp. 293-304.

Digital Library

[22]

G. Bertoni, L. Breveglieri, M. Venturi, Power aware design of an elliptic curve coprocessor for 8 bit platforms, in: Proceedings of the 4th Annual IEEE International Conference on Pervasive Computing and Communications Workshops - PERCOMW'06, IEEE, 2006, pp. 337-341.

[23]

G. Bertoni, L. Breveglieri, M. Venturi, ECC hardware coprocessors for 8-bit systems and power consumption considerations, in: Proceedings of the 3rd International Conference on Information Technology: New Generations - ITNG'06, 2006, pp. 573-574.

[24]

M. Scott, N. Costigan, W. Abdulwahab, Implementing cryptographic pairings on smartcards, in: Cryptographic Hardware and Embedded Systems - CHES 2006, LNCS, vol. 4249, Springer-Verlag, 2006, pp. 134-147.

[25]

Shamus Software. <http://www.shamus.ie/index.php>.

Cited By

Kumar VRay SSadhukhan DKarmakar JDasgupta M(2023)Enhanced pairing‐free identity‐based broadcast authentication protocol in WSN using ElGamal ECCSecurity and Privacy10.1002/spy2.2786:3Online publication date: 8-May-2023
https://dl.acm.org/doi/10.1002/spy2.278
Luo YLi HMa RGuo Z(2021)A Composable Multifactor Identity Authentication and Authorization Scheme for 5G ServicesSecurity and Communication Networks10.1155/2021/66971552021Online publication date: 1-Jan-2021
https://dl.acm.org/doi/10.1155/2021/6697155
Das PVashisth AChadha DAnanda Kumar SBanerjee AShiaeles S(2021)LIMAP: A Lightweight Multilayer Authentication Protocol for WBANWireless Personal Communications: An International Journal10.1007/s11277-021-08853-x121:4(2857-2884)Online publication date: 1-Dec-2021
https://dl.acm.org/doi/10.1007/s11277-021-08853-x
Show More Cited By

An efficient remote user authentication and key agreement protocol for mobile client-server environment from pairings

Recommendations

An ID-based client authentication with key agreement protocol for mobile client-server environment on ECC with provable security

Recently, lots of remote user authentication schemes are implemented on elliptic curve cryptosystem (ECC) to reduce the computation loads for mobile devices. However, most of those remote user authentication schemes on ECC suffer from different attacks ...
An efficient user authentication and key exchange protocol for mobile client-server environment

Considering the low-power computing capability of mobile devices, the security scheme design is a nontrivial challenge. The identity (ID)-based public-key system with bilinear pairings defined on elliptic curves offers a flexible approach to achieve ...
An anonymous ID-based remote mutual authentication with key agreement protocol on ECC using smart cards
SAC '15: Proceedings of the 30th Annual ACM Symposium on Applied Computing

In recent times, Debiao et al. proposed an ID-based user authentication with key agreement protocol on elliptic curve cryptography (ECC). Conversely, our analysis shows that their scheme contains various security limitations such as many logged-in users'...

Comments

Information & Contributors

Information

Published In

cover image Ad Hoc Networks

Ad Hoc Networks Volume 10, Issue 6

August, 2012

297 pages

ISSN:1570-8705

Issue’s Table of Contents

Copyright © Elsevier B.V. © 2012.

Publisher

Elsevier Science Publishers B. V.

Netherlands

Publication History

Published: 01 August 2012

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

35
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 17 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Kumar VRay SSadhukhan DKarmakar JDasgupta M(2023)Enhanced pairing‐free identity‐based broadcast authentication protocol in WSN using ElGamal ECCSecurity and Privacy10.1002/spy2.2786:3Online publication date: 8-May-2023
https://dl.acm.org/doi/10.1002/spy2.278
Luo YLi HMa RGuo Z(2021)A Composable Multifactor Identity Authentication and Authorization Scheme for 5G ServicesSecurity and Communication Networks10.1155/2021/66971552021Online publication date: 1-Jan-2021
https://dl.acm.org/doi/10.1155/2021/6697155
Das PVashisth AChadha DAnanda Kumar SBanerjee AShiaeles S(2021)LIMAP: A Lightweight Multilayer Authentication Protocol for WBANWireless Personal Communications: An International Journal10.1007/s11277-021-08853-x121:4(2857-2884)Online publication date: 1-Dec-2021
https://dl.acm.org/doi/10.1007/s11277-021-08853-x
Li FWang JZhou YJin CIslam S(2020)A heterogeneous user authentication and key establishment for mobile client–server environmentWireless Networks10.1007/s11276-018-1839-426:2(913-924)Online publication date: 1-Feb-2020
https://dl.acm.org/doi/10.1007/s11276-018-1839-4
Ferrag MMaglaras LDerhab AJanicke H(2020)Authentication schemes for smart mobile devices: threat models, countermeasures, and open research issuesTelecommunications Systems10.1007/s11235-019-00612-573:2(317-348)Online publication date: 1-Feb-2020
https://dl.acm.org/doi/10.1007/s11235-019-00612-5
Kumari SRenuka K(2019)Design of a Password Authentication and Key Agreement Scheme to Access e-Healthcare ServicesWireless Personal Communications: An International Journal10.1007/s11277-019-06755-7117:1(27-45)Online publication date: 28-Sep-2019
https://dl.acm.org/doi/10.1007/s11277-019-06755-7
Hassan AOmala AAli MJin CLi F(2019)Identity-Based User Authenticated Key Agreement Protocol for Multi-Server Environment with AnonymityMobile Networks and Applications10.1007/s11036-018-1145-524:3(890-902)Online publication date: 1-Jun-2019
https://dl.acm.org/doi/10.1007/s11036-018-1145-5
Hassan AHamza RMawutor VPatil ALi F(2019)A Lightweight Certificateless User Authentication Scheme for Mobile EnvironmentMachine Learning for Cyber Security10.1007/978-3-030-30619-9_9(112-122)Online publication date: 19-Sep-2019
https://dl.acm.org/doi/10.1007/978-3-030-30619-9_9
Ferrag MMaglaras LArgyriou AKosmanos DJanicke H(2018)Security for 4G and 5G cellular networksJournal of Network and Computer Applications10.1016/j.jnca.2017.10.017101:C(55-82)Online publication date: 1-Jan-2018
https://dl.acm.org/doi/10.1016/j.jnca.2017.10.017
Mandal SMohanty SMajhi B(2018)Cryptanalysis and Enhancement of an Anonymous Self-Certified Key Exchange ProtocolWireless Personal Communications: An International Journal10.1007/s11277-017-5156-599:2(863-891)Online publication date: 1-Mar-2018
https://dl.acm.org/doi/10.1007/s11277-017-5156-5
Show More Cited By

View Options

View options

Media

Figures

Other

Tables

View Issue’s Table of Contents